Updated to 5.5.13.b

author: jc_gargma <jc_gargma@iserlohn-fortress.net> 2020-03-30 21:11:58 -0700
committer: jc_gargma <jc_gargma@iserlohn-fortress.net> 2020-03-30 21:11:58 -0700
commit: ed259e9bbf844bdffe734bd8c8e45271136a1af4 (patch)
tree: e95a52d7ef88ac3d9556f0abf6f5ec0cf99faca6
parent: Updated to 5.5.13.a (diff)
download: linux-libre-hardened-ed259e9bbf844bdffe734bd8c8e45271136a1af4.tar.xz
3 files changed, 68 insertions, 8 deletions
diff --git a/0012-Revert-bpf-Provide-better-register-bounds-after-jmp32-instructions.patch b/0012-Revert-bpf-Provide-better-register-bounds-after-jmp32-instructions.patch
new file mode 100644
index 0000000..4e866fa
--- /dev/null
+++ b/0012-Revert-bpf-Provide-better-register-bounds-after-jmp32-instructions.patch
@@ -0,0 +1,57 @@
+From 9ff88052dbb54cdb7b05d91561b3540056c96e83 Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
+Date: Mon, 30 Mar 2020 22:37:11 +0200
+Subject: Revert "bpf: Provide better register bounds after jmp32 instructions"
+
+This reverts commit 581738a681b6faae5725c2555439189ca81c0f1f.
+---
+ kernel/bpf/verifier.c | 19 -------------------
+ 1 file changed, 19 deletions(-)
+
+diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
+index 7d530ce8719d..79f38a281390 100644
+--- a/kernel/bpf/verifier.c
++++ b/kernel/bpf/verifier.c
+@@ -1034,17 +1034,6 @@ static void __reg_bound_offset(struct bpf_reg_state *reg)
+ 						 reg->umax_value));
+ }
+ 
+-static void __reg_bound_offset32(struct bpf_reg_state *reg)
+-{
+-	u64 mask = 0xffffFFFF;
+-	struct tnum range = tnum_range(reg->umin_value & mask,
+-				       reg->umax_value & mask);
+-	struct tnum lo32 = tnum_cast(reg->var_off, 4);
+-	struct tnum hi32 = tnum_lshift(tnum_rshift(reg->var_off, 32), 32);
+-
+-	reg->var_off = tnum_or(hi32, tnum_intersect(lo32, range));
+-}
+-
+ /* Reset the min/max bounds of a register */
+ static void __mark_reg_unbounded(struct bpf_reg_state *reg)
+ {
+@@ -5677,10 +5666,6 @@ static void reg_set_min_max(struct bpf_reg_state *true_reg,
+ 	/* We might have learned some bits from the bounds. */
+ 	__reg_bound_offset(false_reg);
+ 	__reg_bound_offset(true_reg);
+-	if (is_jmp32) {
+-		__reg_bound_offset32(false_reg);
+-		__reg_bound_offset32(true_reg);
+-	}
+ 	/* Intersecting with the old var_off might have improved our bounds
+ 	 * slightly.  e.g. if umax was 0x7f...f and var_off was (0; 0xf...fc),
+ 	 * then new var_off is (0; 0x7f...fc) which improves our umax.
+@@ -5790,10 +5775,6 @@ static void reg_set_min_max_inv(struct bpf_reg_state *true_reg,
+ 	/* We might have learned some bits from the bounds. */
+ 	__reg_bound_offset(false_reg);
+ 	__reg_bound_offset(true_reg);
+-	if (is_jmp32) {
+-		__reg_bound_offset32(false_reg);
+-		__reg_bound_offset32(true_reg);
+-	}
+ 	/* Intersecting with the old var_off might have improved our bounds
+ 	 * slightly.  e.g. if umax was 0x7f...f and var_off was (0; 0xf...fc),
+ 	 * then new var_off is (0; 0x7f...fc) which improves our umax.
+-- 
+cgit v1.2.3-1-gf6bb5
+
diff --git a/PKGBUILD b/PKGBUILD
index cf0bb3d..b30d272 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -20,7 +20,7 @@ pkgbase=linux-libre-hardened
 _supver=5
 _majver=5
 _minver=13
-_hardenedver=a
+_hardenedver=b
 _gccpatchver='20191217'
 _gccpatchger='9.1'
 _gccpatchker='5.5'
@@ -58,6 +58,7 @@ source=(
   0009-drm-i915-Add-a-simple-is-bound-check-before-unbinding.patch
   0010-drm-i915-Introduce-a-vma.kref.patch
   0011-iwlwifi-dont-send-GEO_TX_POWER_LIMIT-if-no-wgds-table.patch
+  0012-Revert-bpf-Provide-better-register-bounds-after-jmp32-instructions.patch
   graysky_bdver2-hotfix.patch
   kernel_gcc_patch-${_gccpatchver}.tar.gz::https://github.com/graysky2/kernel_gcc_patch/archive/${_gccpatchver}.tar.gz
   ath9k-regdom-hack.patch
@@ -73,7 +74,7 @@ validpgpkeys=(
 )
 b2sums=('a4d4c927af24f61aba451cc21117c5a508ab2037b81ca6add19b4838940f8f321c8bf14b2d35e388f93801d92b296a998c15d2aac92dc2df761322e7ea37dd1d'
         'SKIP'
-        'd0d1ed49e1f6b537137b486fb4092e1a1ef79c6fbdb9ce36a842a67e176090bf11cac4baf53356ccbb4a1c09689ae130bb1721ba779fdd231c03f46b08df04d0'
+        '0675b661107ccef3c8e61fe5d96d285d92cee67bdf7ea6ad9b972bf1409b141111e0f5ee6ae898e43154b4416fb693fa361249158833b48a322ae58c513d0859'
         'SKIP'
         '2e822cf7d4ff8b7458e22d3ce110fd8534e17a9aac2feace41c591f70697e1fab7bd9ce307c60a6361fbe525d10dab74c8b76fcb5276cd27f6e945f8fdfcc25c'
         'd8027cd96a447ea0987a67f3e65d157bb3d396069a944b140610f74c663677fe45e171e96a92dfd5eda8f71a5c715fd8114ee0e60b7620bc401a2a548bcf83cc'
@@ -85,11 +86,12 @@ b2sums=('a4d4c927af24f61aba451cc21117c5a508ab2037b81ca6add19b4838940f8f321c8bf14
         '63e9e6ceda80243910c073ec81555f2781d75ac4b3cb5000c1328f2624f7be840684b0f383768020e82bce502aa90a1c8729f7b3e91c099652075a42da2187cf'
         '078bb20a03b7e43ad0685b0c3f6a54f1c4bd32d25e0f6c6434100c6f5f5bc27cd6281bf2134b7c7034e6aa448d895d23c20d32f7d1cc40e55f0735af777694a3'
         '7b56fe6d171bc9f5154fd6dd89e6678f7e65f26d53551ebc758142a3440cb796b8f7badc361b1e19ff70dfc842dce235fb3b476d35994cb0022157ae64e28cf3'
+        '152bdc0b317a91a8d822bcb9fc7e5d0af158e5f8095ca88af9e9c03d9c1d6ff64c412be2849d5912f5e593eb890655da630bfe3e903a29aff3fd8de3634af004'
         '1892bd22775eac3bcc4d37f4fd30c95346bf3a0888cbbff57fd614973b525390dff2e315ce35b2e498523cceaab94ff21a80475dee8df3de4dd8fc0fab07d74e'
         'd76bd0bf237ea2bb7999fd3715cb664d89148cb0ade8057d57cdb40bc0a7954336e50ee077312e5e192398b0f35f055786deb98af9130d57e60f2ea040fbb66f'
         '2e58bb89b247b1678355368956e67c1de51fcde97a227b2162f6771e30f17fa5520faafe7be4b6816a542e7ae10d05f64c6b6354f352c12746d4b8da632936dd'
         'fde132f3705d908e6f2147c78a2193289916d72304ca5efa2229d79fc3e57a857314ce94e71425caef2f7f7b6cf87f05ef86335dc8bd4be78e7035afe608005a'
-        '59e91b346412d1be04cede5c8bf975c171f0d9fdb1aa034fb377f9f12ff837c99d8fb3af95316354a977d0f495d373863a61fbc5f4d9a6a532330aa6993c4b14'
+        'f97be5da0e531ace7d6a0c1afa02a247d7bbf40c1d458709e648c0360c9d487b629ef76bde87f24c30e0ad42701d18e587f3f621d19d3bd1d4c7446ef223854c'
         'd10810b3f96821965cfb106a53302329a346815b78ef5720dbd3b9065a0542034a4e071133459e4288304de5658c5509847ee8e6770a4d553593ed815034a0fb'
         'SKIP')
 
@@ -119,6 +121,7 @@ prepare() {
   patch -p1 -i ../0009-drm-i915-Add-a-simple-is-bound-check-before-unbinding.patch
   patch -p1 -i ../0010-drm-i915-Introduce-a-vma.kref.patch
   patch -p1 -i ../0011-iwlwifi-dont-send-GEO_TX_POWER_LIMIT-if-no-wgds-table.patch
+  patch -p1 -i ../0012-Revert-bpf-Provide-better-register-bounds-after-jmp32-instructions.patch
 
 
   # linux hardened patch
diff --git a/config b/config
index 519f130..516864e 100644
--- a/config
+++ b/config
@@ -2558,9 +2558,9 @@ CONFIG_HAVE_IDE=y
 #
 # SCSI device support
 #
-CONFIG_SCSI_MOD=m
+CONFIG_SCSI_MOD=y
 CONFIG_RAID_ATTRS=m
-CONFIG_SCSI=m
+CONFIG_SCSI=y
 CONFIG_SCSI_DMA=y
 CONFIG_SCSI_NETLINK=y
 CONFIG_SCSI_PROC_FS=y
@@ -2568,7 +2568,7 @@ CONFIG_SCSI_PROC_FS=y
 #
 # SCSI support type (disk, tape, CD-ROM)
 #
-CONFIG_BLK_DEV_SD=m
+CONFIG_BLK_DEV_SD=y
 CONFIG_CHR_DEV_ST=m
 CONFIG_BLK_DEV_SR=m
 CONFIG_BLK_DEV_SR_VENDOR=y
@@ -2709,7 +2709,7 @@ CONFIG_SCSI_DH_EMC=m
 CONFIG_SCSI_DH_ALUA=m
 # end of SCSI device support
 
-CONFIG_ATA=m
+CONFIG_ATA=y
 CONFIG_ATA_VERBOSE_ERROR=y
 CONFIG_ATA_ACPI=y
 CONFIG_SATA_ZPODD=y
@@ -2718,7 +2718,7 @@ CONFIG_SATA_PMP=y
 #
 # Controllers with non-SFF native interface
 #
-CONFIG_SATA_AHCI=m
+CONFIG_SATA_AHCI=y
 CONFIG_SATA_MOBILE_LPM_POLICY=3
 CONFIG_SATA_AHCI_PLATFORM=m
 CONFIG_AHCI_CEVA=m
author	jc_gargma <jc_gargma@iserlohn-fortress.net>	2020-03-30 21:11:58 -0700
committer	jc_gargma <jc_gargma@iserlohn-fortress.net>	2020-03-30 21:11:58 -0700
commit	ed259e9bbf844bdffe734bd8c8e45271136a1af4 (patch)
tree	e95a52d7ef88ac3d9556f0abf6f5ec0cf99faca6
parent	Updated to 5.5.13.a (diff)
download	linux-libre-hardened-ed259e9bbf844bdffe734bd8c8e45271136a1af4.tar.xz